You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ranger.apache.org by ma...@apache.org on 2014/11/06 02:41:08 UTC
git commit: Argus-159:HiveServer2 JDBC driver in http mode is not
using pre-authenticated subject credentials.
Repository: incubator-argus
Updated Branches:
refs/heads/ranger-0.4 8dba6a3c6 -> 55a75201f
Argus-159:HiveServer2 JDBC driver in http mode is not using
pre-authenticated subject credentials.
Project: http://git-wip-us.apache.org/repos/asf/incubator-argus/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-argus/commit/55a75201
Tree: http://git-wip-us.apache.org/repos/asf/incubator-argus/tree/55a75201
Diff: http://git-wip-us.apache.org/repos/asf/incubator-argus/diff/55a75201
Branch: refs/heads/ranger-0.4
Commit: 55a75201fd322ac4d5b3e6393f095f337a86ef37
Parents: 8dba6a3
Author: rmani <rm...@hortonworks.com>
Authored: Wed Nov 5 17:05:14 2014 -0800
Committer: Madhan Neethiraj <ma...@apache.org>
Committed: Wed Nov 5 17:39:34 2014 -0800
----------------------------------------------------------------------
.../com/xasecure/hive/client/HiveClient.java | 62 ++++++++++++++++----
1 file changed, 52 insertions(+), 10 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-argus/blob/55a75201/lookup-client/src/main/java/com/xasecure/hive/client/HiveClient.java
----------------------------------------------------------------------
diff --git a/lookup-client/src/main/java/com/xasecure/hive/client/HiveClient.java b/lookup-client/src/main/java/com/xasecure/hive/client/HiveClient.java
index 09abecf..ce586a5 100644
--- a/lookup-client/src/main/java/com/xasecure/hive/client/HiveClient.java
+++ b/lookup-client/src/main/java/com/xasecure/hive/client/HiveClient.java
@@ -61,9 +61,9 @@ public class HiveClient extends BaseClient implements Closeable {
}
public void initHive() {
-
isKerberosAuth = getConfigHolder().isKerberosAuthentication();
if (isKerberosAuth) {
+ LOG.info("Secured Mode: JDBC Connection done with preAuthenticated Subject");
Subject.doAs(getLoginSubject(), new PrivilegedAction<Object>() {
public Object run() {
initConnection();
@@ -73,14 +73,28 @@ public class HiveClient extends BaseClient implements Closeable {
}
else {
LOG.info("Since Password is NOT provided, Trying to use UnSecure client with username and password");
- String userName = getConfigHolder().getUserName() ;
- String password = getConfigHolder().getPassword() ;
- initConnection(userName,password);
+ final String userName = getConfigHolder().getUserName() ;
+ final String password = getConfigHolder().getPassword() ;
+ Subject.doAs(getLoginSubject(), new PrivilegedAction<Object>() {
+ public Object run() {
+ initConnection(userName,password);
+ return null;
+ }
+ }) ;
}
-
}
- public List<String> getDatabaseList(String databaseMatching) {
+ public List<String> getDatabaseList(String databaseMatching){
+ final String dbMatching=databaseMatching;
+ List<String> dblist = Subject.doAs(getLoginSubject(), new PrivilegedAction<List<String>>() {
+ public List<String> run() {
+ return getDBList(dbMatching);
+ }
+ }) ;
+ return dblist;
+ }
+
+ private List<String> getDBList(String databaseMatching) {
List<String> ret = new ArrayList<String>() ;
String errMsg = " You can still save the repository and start creating "
+ "policies, but you would not be able to use autocomplete for "
@@ -121,8 +135,19 @@ public class HiveClient extends BaseClient implements Closeable {
}
return ret ;
}
+
+ public List<String> getTableList(String database, String tableNameMatching){
+ final String db=database;
+ final String tblNameMatching=tableNameMatching;
+ List<String> tableList = Subject.doAs(getLoginSubject(), new PrivilegedAction<List<String>>() {
+ public List<String> run() {
+ return getTblList(db,tblNameMatching);
+ }
+ }) ;
+ return tableList;
+ }
- public List<String> getTableList(String database, String tableNameMatching) {
+ public List<String> getTblList(String database, String tableNameMatching) {
List<String> ret = new ArrayList<String>() ;
String errMsg = " You can still save the repository and start creating "
+ "policies, but you would not be able to use autocomplete for "
@@ -186,8 +211,20 @@ public class HiveClient extends BaseClient implements Closeable {
List<String> ret = null ;
return ret ;
}
-
+
public List<String> getColumnList(String database, String tableName, String columnNameMatching) {
+ final String db=database;
+ final String tblName=tableName;
+ final String clmNameMatching=columnNameMatching;
+ List<String> columnList = Subject.doAs(getLoginSubject(), new PrivilegedAction<List<String>>() {
+ public List<String> run() {
+ return getClmList(db,tblName,clmNameMatching);
+ }
+ }) ;
+ return columnList;
+ }
+
+ public List<String> getClmList(String database, String tableName, String columnNameMatching) {
List<String> ret = new ArrayList<String>() ;
String errMsg = " You can still save the repository and start creating "
+ "policies, but you would not be able to use autocomplete for "
@@ -254,7 +291,12 @@ public class HiveClient extends BaseClient implements Closeable {
public void close() {
- close(con) ;
+ Subject.doAs(getLoginSubject(), new PrivilegedAction<Void>(){
+ public Void run() {
+ close(con) ;
+ return null;
+ }
+ });
}
private void close(Statement aStat) {
@@ -389,7 +431,6 @@ public class HiveClient extends BaseClient implements Closeable {
System.exit(1) ;
}
-
try {
hc = new HiveClient(args[0]) ;
@@ -447,6 +488,7 @@ public class HiveClient extends BaseClient implements Closeable {
HiveClient connectionObj = new HiveClient(dataSource,
connectionProperties);
if (connectionObj != null) {
+
List<String> testResult = connectionObj.getDatabaseList("*");
if (testResult != null && testResult.size() != 0) {
connectivityStatus = true;